On Sun, Nov 04, 2007 at 08:07:20AM -0600, Steven Stern wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 11/04/2007 06:45 AM, Bob Goodwin wrote:
>
> I often see a long list of of these packets blocked in the
> Firestarter log.
>
>
> --------------------- iptables firewall Begin
> ------------------------
> Listed by source hosts:
> Logged 63 packets on interface eth0
> From 192.168.1.6 - 63 packets to igmp(0) udp(161,5353)
>
> ---------------------- iptables firewall End
> -------------------------
>
> It appears that I [192.168.1.6] am the source of them? Should I
> have 5353 open? What is there significance?
>
> Bob Goodwin
>
>
5353 is used by Windows dynamic DNS. If you're not supporting dynamic
DNS on your local network, you can continue to drop/ignore the packets.
They're needed only by a DNS/DHCP server.
5353 is multicast DNS (mDNS), part of bonjour/rendevouz, used by Apple,
Linux and others, for service discovery.
--
lfr
0/0